Welcome to my world
This is more or less a hint for me how to do it. Maybe it helps you, too.
openssl pkcs12 -in example.com.pfx -clcerts -nokeys -out example.com.crt openssl pkcs12 -in example.com.pfx -nocerts -out example.com-encrypted.key openssl rsa -in cert-encrypted.key -out example.com.key openssl pkcs12 -in example.com.pfx -cacerts -nokeys -out ca-cert.ca
Then in the apache config
SSLCertificateFile certs/example.com.crt SSLCACertificateFile certs/ca-cert.ca SSLCertificateKeyFile certs/example.com.key
I played a bit with influxdb version 2.0.0, telegraf client and two of my raspberry pies.
On my oldest pi a 1 B+ the telegraf client caused too much performance issues on that light weight single CPU and 480 MB of usable RAM. So I chose a simple bash script with curl to send the CPU temperature to influxdb.
#!/bin/bash
timestamp=$(date +%s)
temp=$(vcgencmd measure_temp)
curl -XPOST \
"https://flux.example.com/api/v2/write?org=none&bucket=pihole&precision=s" \
--header "Authorization: Token asas==" \
--data-raw "cpu-temperature,host=pihole ${temp//\'C/} ${timestamp}"
At first I was running influxdbd by hand. But I didn’t want the usual port of 9999 of the alpha version and I also wanted SSL encryption when I log into the backend. Pretty easy with the already running apache on that server.
<VirtualHost *:443> ServerName flux.example.com DocumentRoot /var/www/empty <Directory /var/www/empty> Options Indexes FollowSymLinks AllowOverride None Require all granted </Directory> ProxyPass / http://localhost:9999/ ProxyPassReverse / http://localhost:9999/ SSLEngine on SSLCertificateFile fullchain.pem SSLCertificateKeyFile privkey.pem </VirtualHost>
so far so good. Starting the influxdb by hand after a reboot or failing isn’t an option. So I created by on systemd service file
sudo $EDITOR /lib/systemd/system/influxdb2.service
[Unit] Description=InfluxDB 2.0 service file. Documentation=https://v2.docs.influxdata.com/v2.0/get-started/ After=network-online.target [Service] User=influx Group=influx ExecStart=/usr/local/bin/influxd Restart=on-failure [Install] WantedBy=multi-user.target
Do not forget to enable it :D sudo systemctl enable influxdb2
So far I made one observation. The telegraf client is doing a lot of DNS requests through the network. If I’m not wrong it does it for every request. If you look at the graphic you see that the bottom a big blue line. That is the DNS requests from telegraf. At some point around 20:00 You see a drop. Well there I change the flush interval to 120 seconds. Later at round 7:30 I wrote the IP and host name into /etc/hosts and the “noise” was gone. That is something you maybe want to do in your devices, too to save some bandwidth and energy.
Since a few weeks the ssllabs server tests marks three more ciphers as CBC ciphers. Block ciphers are not secure. And flagged orange in the test results.
The candidates are
ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA DHE-RSA-AES256-SHA
Removing them form the configuration also means removing the support for several older browsers.
The new recommended cipher suite is:
SSLCipherSuite SSL ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384 SSLCipherSuite TLSv1.3 TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384
Thanks to Gregg for showing the other POLY 1305 ciphers that I didn’t know of until today. I saw you post at AL.
Update: I had to remove ECDHE-RSA-CHACHA20-POLY1305 and DHE-RSA-CHACHA20-POLY1305 since they are not HIPAA nor NIST compatible.
The TLS_AES_128_GCM_SHA256 ciphers is mandatory for TLS 1.3, but I kindly ignore that since I want only 256 bit encryption. This is not madness, this is crypto wars.
The whole configuration
<If "%{SERVER_PORT} == '443'">
<IfModule mod_headers.c>
Header always set Strict-Transport-Security "max-age=15553000; preload"
</IfModule>
</If>
SSLUseStapling On
SSLSessionCache shmcb:/opt/apache2/logs/ssl_gcache_data(512000)
SSLStaplingCache shmcb:/opt/apache2/logs/ssl_stapling_data(512000)
SSLOptions +StrictRequire +StdEnvVars -ExportCertData
SSLProtocol -all +TLSv1.2 +TLSv1.3
SSLCompression Off
SSLHonorCipherOrder On
SSLCipherSuite SSL ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384
SSLCipherSuite TLSv1.3 TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384
SSLOpenSSLConfCmd ECDHParameters secp384r1
SSLOpenSSLConfCmd Curves sect571r1:sect571k1:secp521r1:sect409k1:sect409r1:secp384r1:sect283k1:sect283r1:secp256k1:prime256v1
H2Direct On
I have an A record for *.local at my test domain to 127.0.0.1
For web development it is often required to have a domain name rather than a subfolder in localhost. A vhost for a (sub)domain is easy to set up on my local apache instllation. I can have even a free, valid SSL certificate for that vhost. Wait, what? How can I have a valid certificate for free for a local domain? I use Let’s encrypt with DNS chalange. Sure every time I have to update the certifacte I have to change a DNS txt record, but that is easy.
Another reason why I have a wild card record to 127.0.0.1 is that I can add as many vhosts for testing to apache and don’t have to add or change the DNS settings. Also I can use it on every computer as long as it can query the DNS server on the internet. I can even give my co worker my vhost config and it works without changes.
So *.local.apachehaus.de is free for development. But you can’t have a SSL certificate. If you want that, you can do the same trick with your domain. Happy development.
Finding a good cipher for your web server is not an easy task. openssl ciphers -v ALL:COMPLEMENTOFALL lists all the available ciphers on your system.
What we don’t want
That gives us:
openssl ciphers -v ALL:COMPLEMENTOFALL | grep -v "SSLv3" | grep -v "(128)" | grep -v "Enc=None" | \ grep -v "Au=DSS" | grep -v "DHE-RSA-AES256-SHA" | grep -v "TLSv1 " | grep -v "Au=PSK" | grep -v "Kx=RSAPSK" | \ grep -v "CAMELLIA" | grep -v "CBC" | grep -v "Au=RSA" | grep -v "Au=None" | grep -v "Enc=AESCCM"
now choose your poison.
The chosen SSL Config was very good! But for I client I had to meet the specs from PCI DSS[1], HIPAA[2] and NIST[3].
The server already was PCI DSS ready. However since there are medical data it had to meet HIPAA too.
It turned out that HIPAA does not allow the nice CHACHA20-POLY1305 ciphers and I had to enable SSLStaplingCache that I turned of when I used StartSSL Certs cause of the timeout / outage from the response server from start ssl.
<If "%{SERVER_PORT} == '443'">
<IfModule mod_headers.c>
Header always set Strict-Transport-Security "max-age=15553000; preload"
</IfModule>
</If>
SSLUseStapling On
SSLSessionCache shmcb:/opt/apache2/logs/ssl_gcache_data(512000)
SSLStaplingCache shmcb:/opt/apache2/logs/ssl_stapling_data(512000)
SSLOptions +StrictRequire +StdEnvVars -ExportCertData
SSLProtocol -all +TLSv1.1 +TLSv1.2
SSLCompression Off
SSLHonorCipherOrder On
SSLCipherSuite ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA
SSLOpenSSLConfCmd ECDHParameters secp384r1
SSLOpenSSLConfCmd Curves sect571r1:sect571k1:secp521r1:sect409k1:sect409r1:secp384r1:sect283k1:sect283r1:secp256k1:prime256v1
H2Direct On
I still get an A+ on ssllabs plus all green lights on htbridge ssl test.
[1] Payment Card Industry Data Security Standard
[2] Health Insurance Portability and Accountability Act
[3] National Institute of Standards and Technology
At Qualys SLL Test labs tests I never had 100% for Key Exchange. Even adding a 4096 Diffie Hellman key did not do the trick.
Now I found adding
SSLOpenSSLConfCmd ECDHParameters secp384r1
to the config from Part 4 does the trick!
Now I can have all your bars on Qualys SSL Test at 100% without having an insane config no client can connect to.
To get rid of 128 bit encryption I had to disable
ECDHE-RSA-AES128-GCM-SHA256
But then I got error messages from the popular browsers Server negotiated HTTP/2 with blacklisted suite. That is caused by DHE-RSA-AES256-SHA and ECDHE-RSA-AES256-SHA
With a lof of trial and error I came to the following
Listen 443
<If "%{SERVER_PORT} == '443'">
<IfModule mod_headers.c>
Header always set Strict-Transport-Security "max-age=15553000; preload"
</IfModule>
</If>
ProtocolsHonorOrder On
Protocols h2c h2 http/1.1
SSLUseStapling off
SSLSessionCache shmcb:/opt/apache2/logs/ssl_gcache_data(512000)
SSLOptions +StrictRequire +StdEnvVars -ExportCertData
SSLProtocol -all +TLSv1 +TLSv1.1 +TLSv1.2
SSLCompression Off
SSLHonorCipherOrder On
SSLCipherSuite ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:DHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256
However that has the negative effect that Android smaller than 7 and smaller than IE 11 can’t connect to the server. Also some older Firefox versions can’t connect. Depending on the application it might be worth to use such a config that doesn’t allow 128 bit encrypted connections.
HTTP Strict Transport Security (HSTS) is an opt-in security enhancement that is specified by a web application through the use of a special response header. Once a supported browser receives this header that browser will prevent any communications from being sent over HTTP to the specified domain and will instead send all communications over HTTPS. It also prevents HTTPS click through prompts on browsers.
How to achieve apache with a bullet proof SSL config and HTTP Strict Transport Security (HSTS) with long duration
Here is goes
<IfModule mod_headers.c> Header always set Strict-Transport-Security "max-age=15553000; includeSubDomains" </IfModule> SSLUseStapling on SSLSessionCache shmcb:/opt/apache2/logs/ssl_gcache_data(512000) SSLStaplingCache shmcb:/opt/apache2/logs/ssl_stapling_data(512000) SSLOptions +StrictRequire +StdEnvVars -ExportCertData SSLProtocol -all +TLSv1 +TLSv1.1 +TLSv1.2 SSLCompression Off SSLHonorCipherOrder On SSLCipherSuite ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:!LOW:!MD5:!aNULL:!eNULL:!3DES:!EXP:!PSK:!SRP:!DSS
This gives a A+ at Qualys SSL Labs SSL Test.
SSL Tests like https://www.ssllabs.com/ssltest/index.html show a vulnerability against CRIME Attack. To overcome / defend that with apache you can turn off the SSL compression.
SSLCompression off
That makes it easy to defend it.